Close

We use cookies to help enhance your experience and improve the functionality of our website.
For more details and help to manage your cookie options read our Privacy & Cookies information.

During your Qualification you will gain:

 
  •  A solid working knowledge of the practical implications of the General Data Protection Regulation (GDPR) and ePrivacy Regulation to help you avoid heavy fines and damage to your business’ reputation

This Certificate programme has been developed in partnership with the DMA Legal Team, DMA Responsible Marketing Committee and the GDPR External Working Party.

Course availability 

start study mode location member non-member exam fee
Intensive Central London (W1W 8SS) £1995.00 £1995.00 £0.00
more info
book until 30 Oct 2017
venue DMA House, 70 Margaret Street
study periods 30th October - 31st October 2017
Online Online £1995.00 £1995.00 £0.00
more info
book until 31 Oct 2017

NB: Prices above subject to VAT.

Course information

syllabus
Module 1: Introduction to GDPR 
  • Understand how the General Data Protection Regulation (GDPR) will affect processing outside of the EU
  • Recognise how the new GDPR was developed by EU lawmakers
  • How will the new law be enforced?
  • Key definitions and scope
  • The global scope of the new legislation
  • Who is affected by the Regulation and what are the responsibilities?
 
Module 2: The principles of GDPR
  • What are the ‘new’ principles and what practical impacts do these have?
  • How do they compare with the principles under Data Protection Act 1998?
 
Module 3: The requirements for consent 
  • Consent - under GDPR & ICO guidance, covering both 1st and 3rd party consent, with relevant examples
  • Includes comparison between GDPR and current law (DPA & PECR)
 
Module 4: Legitimate interests 
  • What is it?
  • How to conduct the balancing test
  • Relevant examples of use and risk mitigations
 
Module 5: Automated processing, including profiling
  • Definition and the 3 types of profiling
  • What are the specific requirements and conditions?
 
Module 6: Individuals rights under GDPR 
  • Right to object
  • Access to data & right to rectification
  • Right to be forgotten & right to erasure
  • Data minimisation
  • Right to data portability
 
Module 7: Information to be provided to data subjects (Articles 13 & 14) 
  • Article 13: Information to be provided where personal data are collected from the data subject
  • Article 14: Information to be provided where personal data have not been obtained from the data subject
 
Module 8: Good data governance 
  • Role of a Data Protection Officer
  • Conducting a Data Protection Impact Assessment (DPIA)
  • Conducting a Data Protection Compliance Review (DPCR)
  • How to undertake risk minimisation measures
  • Data retention
  • Staff training
 
Module 9: ePrivacy Directive (draft)
  • What has changed?
  • Extra-territoriality and 4% fines (same as GDPR)
  • What the regulations apply to (OTT, IOT, M2M and more)
  • New rules for communications data
  • E-marketing rules
  • Exemption for analytics cookies
 
Module 10: Data security obligations 
  • Understand data security risks
  • Ability to pursue confinement and data minimisation strategies
  • What are the changes to contracts under GDPR?
 
Module 11: Cloud computing

Understanding of:
  • ISO27001 overlap
  • Cloud, computing considerations
  • Mobile technologies
  • Tokenisation
  • Data leakage monitoring
 
Module 12: Action planning 
  • Preparing an action plan for pre-implementation
  • Designing a ‘security aware’ culture
  • Managing data in a structured way
study mode

Intensive – Central London
2 days face-to-face study (plus eBook) to take place at the IDM offices in Central London. The exact location of our courses vary, so please make sure you check before attending.

Online
Enjoy the flexibility of devising your own personalised study routine with your programme deadlines via a stream of online content run over 6 months. You will receive email support and 24/7 access to course materials. For more information call 020 8614 0277.
Corporate training
This programme can be fully customised and delivered to your staff in-house. For more information visit www.theidm.com/corporate-marketing-training.
course info
Who is the programme for?
Data Protection Officers (DPOs) for marketing companies and senior marketing managers across private, public, not-for-profit, charity and Government sectors. All employees who are directly accountable for Data Protection within their organisations. 
 
Benefits to the organisation
Non-compliance of the GDPR can result in fines of up to 4% of global turnover or €20m, whichever is the greater. Reputational damage could be worse as businesses lose market share and customer confidence.
 
Senior managers or DPO with a firm grasp of the technical and organisational implications of the GDPR and ePrivacy Regulation will help your business operate legally and confidently when the new laws come into force in May 2018.

 
Benefits to the individual
This Certificate programme, developed with the DMA, will give you the skills you need to deal with a wide range of Data Protection and Privacy challenges, and give you the confidence to change your organisation to make sure it is operates within the law come May 2018.
subject matter experts
Laura Irvine

Laura is a Partner in the Data Protection Team at BTO Solicitors LLP. She is an experienced Solicitor Advocate and a regulatory lawyer. She has a particular interest and expertise in data protection, privacy and information law.
 
Laura was co-counsel in relation to the first, and to date, only, successful appeal against an ICO fine for a breach of the Data Protection Act 1998. As a result Scottish Borders Council had their £250,000 fine returned to them.
 
Laura regularly provides contentious advice and assistance following data and cyber incidents to clients in the private, public and third sectors. She assists clients in handling subject access requests and how to comply with Data Protection Act 1998 and how to plan for the General Data Protection Regulation coming into force on 25 May 2018.  Laura is assisting several clients in the lead up to this significant regulatory change in the way that personal data is handled.
 
Laura is particularly passionate about data protection and according feedback from training sessions, makes an inherently dull subject entertaining.
 
Laura is a respected adviser on Cyber Resilience – the Scottish Government’s strategy in this crucial area. She is a Director of the Scottish Business Resilience Centre due to her expertise in cyber security law and is regularly asked to provide advice and training in this area.

Andrew Bridges

Joined REaD Group as Data Quality and Governance Manager in 2016 to spearhead the company's commitment to providing industry leading standards of data quality and governance. A ket part of Andrew's remit is ensuring REaD Group remains at the forefront of the EU regulatory landscape, in particular the new General Data Protection Regulation. Andrew has specialist expertise within European legislation and data regulation and information security. From 2012-2016, prior to joining REaD Group, Andrew held the roles as EMEA Data Governance Manager at AIMIA. During this time, Andrew led the formation and implementation of a universal governance framework across the company's European business divisions, as well as acting in an advisory role on key data management capabilities and design. 

Simon Hinks

Having started his data protection and direct marketing career in the travel industry, then moved to the Financial Services sector when the current 1998 Data Protection rules came into force, before deciding to set-up PMA his consultancy. A direct marketing practitioner and advocate of the power of data driven marketing, he is always keen to champion customer value management through effective segmentation and data complianec.

Initially worked with charities in 2016/2017 heping them become compliant with the current regulations and in preperation for GDPR. He has advised various businesses on their GDPR complaince, including car retailers, online/Smartphone app providers and legal firms. A member of the GDPR Institute and the Direct Marketing Association (DMA), also a judge for the annual Loyalty Awards.

Rosemary Smith

Rosemary began her career in publishing and then worked in the data business for Mardev and Axciom going on to start her first business, RSE Direct in 2003.

In 2004, with partner Jenny Moseley, she set up Opt-4 which advises organisations on UK and international data protection compliance and the maximization of marketing permissions. In 2014 she became co-founder of the Data Protection Network which offers advice and events for anyone involved in data compliance.

Rosemary has helped to shape the regulatory framework for marketing through extensive trade association involvement including chairmanship of the Direct Marketing Association's Board. She is currently Chair of the DM Trust. She has been an IDM tutor since 2004 and was made an Honorary Life Fellow of the IDM in 2009.

Tim Roe

Tim is a data marketing technologist and is responsible for privacy and compliance for RedEye, Tim is an experienced and qualified Direct Marketing professional and BCS certified data protection practitioner. Tim also holds a Masters level qualification on Data Protection law and Information Governance. 
 
Tim's experience covers a number of vertical markets, as well as industry wide risks, unravelling the complex issues of data protection and privacy law and finding workable solutions for the data marketing industry and its clients.

Tim is a regular industry blogger and euthor of a numerous white papers, including the DMA white paper email and cookies legislation.

Tim is an active industry contributer via the Direct Marketing Association (DMA) and contributes to the following groups;
  • Chair of the DMA GDPR task force
  • Member of the Responsible Marketing Committee
  • Chair of the email council GDPR working group
Specialities: Data Protection, Information Governance, ISO27001, Digital and Direct Marketing Strategy
 
Really helped me spark the ideas and inspiration to bring back to the office. I'm keen to put it into practice!

Renee Doegar,
London Review of Books

Train Your Teams

Upskill your teams marketing capabilities with a tailored IDM training plan that suits your business

Enhance your career with the IDM

Your training partner in filling digital and direct marketing skills gaps, setting you apart as a doer

X
share on